Data of 820K current and former New York City Public School students compromised in Illuminate Hack.

Views expressed in this cybersecurity-cybercrime update are those of the reporters and correspondents.

Accessed on 28 March 2022, 1332 UTC.

Content provided by “Cyware.com.”

Source:  https://cyware.com/cyber-security-news-articles

Latest Cybersecurity News And Articles

Data of 820,000 Current and Former New York City Public School Students Compromised in Illuminate Hack

Illuminate Education has not disclosed what, if anything, had been done with the affected data. The Department of Education is asking the NYPD, FBI and state attorney general’s office to investigate the hack.

CISA adds 66 new flaws to the Known Exploited Vulnerabilities Catalog

Experts recommend organizations review the Catalog and address the vulnerabilities in their infrastructure. The new vulnerabilities added to the catalog have to be addressed by federal agencies by April 15, 2022.

Long Island schools hit with 29 ransomware attacks, hacks, other cyber incidents in past 3 years

Thirteen of those incidents involved ransomware, hacks or cyberattacks in which someone infiltrated computer systems, according to data obtained by Newsday through a Freedom of Information Law request.

Hive Ransomware Gang Ports its Linux VMware ESXi Encryptor to Rust Language

The Hive ransomware operation has converted its VMware ESXi Linux encryptor to the Rust programming language and added new features to make it harder for security researchers to snoop on victims’ ransom negotiations.

FCC adds Kaspersky to its list of national security threats

The US Federal Communications Commission has added Russian cybersecurity company Kaspersky Lab to its list of entities that pose an “unacceptable risk to US national security,” according to a report from Bloomberg.

Muhstik Botnet Takes Aim at Redis Servers Through Recently Disclosed Lua Sandbox Escape Flaw

Muhstik, a botnet infamous for propagating via web application exploits, has been observed targeting Redis servers using a recently disclosed vulnerability in the database system.

Horizon Actuarial Services data theft impacts MLB Players Benefit Plan members

Threat actors exploited the networks of Horizon Actuarial Services in November, stealing the data belonging to the consulting services vendors and two different client groups.

URL rendering trick enabled WhatsApp, Signal, iMessage phishing

A rendering technique affecting the world’s leading messaging and email platforms, including Instagram, iMessage, WhatsApp, Signal, and Facebook Messenger, allowed threat actors to create legitimate-looking phishing messages.

Raccoon Stealer malware suspends operations due to war in Ukraine

The cybercrime group behind the development of the Raccoon Stealer password-stealing malware has suspended its operation after claiming that one of its developers died in the invasion of Ukraine.

Clear Skye raises $14 million to close the gap between identity and business processes

Clear Skye announced that the company has completed a $14 million Series A funding round, bringing total funding for the company to nearly $20 million since its initial seed round in 2020.

EU and US agree new data transfer deal

The detail of what has been agreed by the EU and U.S. in principle — and how exactly the two sides have managed to close the gap between what remain two very differently oriented legal systems — is not clear.

Cybercriminals launched 9.75 million DDoS attacks in 2021

During the second half of 2021, cybercriminals launched approximately 4.4 million DDoS attacks, bringing the total number of DDoS attacks in 2021 to 9.75 million, a NETSCOUT report reveals.

Purple Fox Uses New Arrival Vector and Improves Malware Arsenal

Trend Micro investigated Purple Fox’s new arrival vector and early access loaders. Users’ machines seem to be targeted with malicious payloads masquerading as legitimate application installers.

Western Digital fixes critical bug giving root on My Cloud NAS devices

This out-of-bounds heap read/write flaw can be exploited by unauthenticated threat actors in low complexity attacks targeting My Cloud devices running vulnerable firmware versions.

North Korean Groups Share Zero-Day Exploit in Chrome

Google’s TAG uncovered two attack campaigns by distinct North Korean state actors abusing the same Chrome zero-day. The attacks were aimed at IT organizations, news media, and crypto-banks in the U.S. Organizations are recommended to adopt proactive security measures and implement multiple layers o …

Vidar Spyware Abuses CHM File Formats to Evade Detection

Threat actors are hiding Vidar malware in Microsoft Compiled HTML files to avoid detection in email spam campaigns to target victims and harvest their data. This allows the malware to set up its configuration and start data harvesting, including cryptocurrency account credentials and credit card in …

Operation Dragon Castling Targets Betting Companies

Operation Dragon Castling is yet another campaign by a Chinese-speaking APT group targeting betting companies in Southeast Asian countries. One of the malicious files used in this campaign is the MulCom backdoor that is believed to be loaded by a malicious file, CorePlugin. The researchers have spo …

Hodur: A New Korplug Variant from Chinese Hackers

A new variant of PlugX RAT, named Hodur, is being used by Mustang Panda against East and Southeast Asian entities, with a few in Europe and Africa too. Its phishing lures include a regional aid map for a European country, updated COVID-19 travel restrictions, and the Regulations of the European Pa …

Kaspersky named first Russian company on security risk list

The U.S. placed internet-security provider AO Kaspersky Lab on a list of companies deemed a threat to national security, for the first time adding a Russian entity to a list dominated by Chinese telecommunications firms.

Russian military behind hack of satellite communication devices in Ukraine at war’s outset, U.S. officials say

U.S. intelligence analysts have concluded that Russian military spy hackers were behind a cyberattack on a satellite broadband service that disrupted Ukraine’s military communications at the start of the war last month.